Home > OS >  Does log4r also possible security vulnerabilities like that if log4j
Does log4r also possible security vulnerabilities like that if log4j

Time:12-19

Does log4r also possess security vulnerabilities like log4j. And does log4j security vulnerabilities also affect log4r

CodePudding user response:

This has been addressed by the creator of log4r (Aaron Jacobs) on the log4r Github page, here:

We are in no way affected by that CVE, nor is there an analogous design flaw in this package.

So, the authors do not think so.

CodePudding user response:

A nice place to check for security vulnerabilities in R packages is Sonatype OSS Index.

They don't find any known vulnerabilities in the current version of log4r on CRAN: https://ossindex.sonatype.org/component/pkg:cran/log4r

  • Related